12 matches found
EUVD-2022-34900
Malicious code in bioql PyPI...
CVE-2022-2654
The Classima WordPress theme before 2.1.11 and some of its required plugins Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10 do not escape a parameter before outputting it back in attributes,...
CVE-2022-2654
The Classima WordPress theme before 2.1.11 and some of its required plugins Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10 do not escape a parameter before outputting it back in attributes,...
CVE-2022-2654
The Classima WordPress theme before 2.1.11 and some of its required plugins Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10 do not escape a parameter before outputting it back in attributes,...
Cross site scripting
The Classima WordPress theme before 2.1.11 and some of its required plugins Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10 do not escape a parameter before outputting it back in attributes,...
CVE-2022-2654 Classima < 2.1.11 - Reflected Cross-Site Scripting
The Classima WordPress theme before 2.1.11 and some of its required plugins Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10 do not escape a parameter before outputting it back in attributes,...
CVE-2022-2654
The CVE-2022-2654 issue affects the Classima WordPress theme prior to 2.1.11 and several related components (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20, and Classima Core before 1.10). The root cause is failure to es...
CVE-2022-2654 Classima < 2.1.11 - Reflected Cross-Site Scripting
The Classima WordPress theme before 2.1.11 and some of its required plugins Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10 do not escape a parameter before outputting it back in attributes,...
WordPress theme Classima 跨站脚本漏洞
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in WordPress theme Classima prior to version 2.1.11, whic...
PT-2022-17927 · WordPress · Pre Classified Listings +4
Name of the Vulnerable Software and Affected Versions: Classima WordPress theme versions prior to 2.1.11 Classified Listing versions prior to 2.2.14 Classified Listing Pro versions prior to 2.0.20 Classified Listing Store & Membership versions prior to 1.4.20 Classima Core versions prior to 1.10...
Classima < 2.1.11 - Reflected Cross-Site Scripting
The theme and some of its required plugins do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/all-ads/?q="+onmouseover%3Dalert%281%29+id%3Dx+tabindex%3D0+style%3Ddisplay%3Ablock The XSS will be triggered when the us...
Classima < 2.1.11 - Reflected Cross-Site Scripting
The theme and some of its required plugins do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting https://example.com/all-ads/?q="+onmouseover%3Dalert%281%29+id%3Dx+tabindex%3D0+style%3Ddisplay%3Ablock The XSS will be triggered when the user...